Video

Attacks on Traffic Light Recognition

“Attacks on Traffic Light Recognition” demonstrates practical real-world attacks against neural networks in autonomous driving (AD). By exploiting backdoor and inference time attacks, an adversary can manipulate the perception module’s predictions, resulting in hazardous actions – such as running red lights. While such attacks were previously demonstrated using offline datasets, we are the first to effectively compromise a full-fledged autonomous vehicle in real-world conditions. Our research demonstrates that attacks against camera-based perception in AD are practical. To mitigate these threats, we explore the security of XAI-based defenses and propose anti-backdoor learning techniques.

Contributing Scientists
Name E-Mail
Erba, Alessandro alessandra erba does-not-exist.kit edu
Hegde, Achyut achyut hegde does-not-exist.kit edu
Ji, Yilin yilin ji does-not-exist.kit edu
Pavlitska, Svetlana svetlana pavlitska does-not-exist.kit edu
Polley, Nicolai nicolai polley does-not-exist.kit edu
Wressnegger, Christian christian wressnegger does-not-exist.kit edu
Zhao, Qi qi zhao does-not-exist.kit edu
Zöllner, Johann Marius marius zoellner does-not-exist.kit edu

Video

Privacy Risks of Smart City Sensors

The demonstrator visualizes proposed smart city sensors such as thermal and depth cameras, lidar and radar in real-time and thus highlights their privacy risks.

Contributing Scientists
Name E-Mail
Strufe, Thorsten thorsten strufe does-not-exist.kit edu
Arias Cabarcos, Patricia patricia cabarcos does-not-exist.partner kit edu
Morsbach, Felix felix morsbach does-not-exist.kit edu
Todt, Julian julian todt does-not-exist.kit edu